package spring.boot.btc.utils;

import org.apache.commons.codec.binary.StringUtils;

import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;


/**
 * 非对称加密算法
 *
 * @author blues
 */
public final class DsaUtils {

    private static final String KEY_ALGORITHM = "DSA";

    /**
     * 密钥长度，DH算法的默认密钥长度是1024
     * 密钥长度必须是64的倍数，在512到65536位之间
     */
    private static final int KEY_SIZE = 512;

    //公钥
    public static final String PUBLIC_KEY = "publicKey";
    //私钥
    public static final String PRIVATE_KEY = "privateKey";

    /**
     * 数字签名算法
     **/
    public static final String SIGNATURE_ALGORITHM = "SHA1withDSA";

    /**
     * 初始化密钥对
     */
    public static Map<String, Key> initKey() throws Exception {
        //初始化密钥生成器
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM);
        keyPairGenerator.initialize(KEY_SIZE);
        //生成密钥对
        KeyPair keyPair = keyPairGenerator.generateKeyPair();
        //公钥
        PublicKey publicKey = keyPair.getPublic();
        //私钥
        PrivateKey privateKey = keyPair.getPrivate();
        //将密钥存储在map中
        Map<String, Key> keyMap = new HashMap<>();
        keyMap.put(PUBLIC_KEY, publicKey);
        keyMap.put(PRIVATE_KEY, privateKey);
        return keyMap;

    }


    /**
     * 取得私钥
     */
    public static String getPrivateKey(Map<String, Key> keyMap) throws Exception {
        PrivateKey key = (PrivateKey) keyMap.get(PRIVATE_KEY);
        return BaseUtils.toBase64(StringUtils.newStringUtf8(key.getEncoded()));
    }

    /**
     * 取得公钥
     */
    public static String getPublicKey(Map<String, Key> keyMap) throws Exception {
        PublicKey key = (PublicKey) keyMap.get(PUBLIC_KEY);
        return BaseUtils.toBase64(StringUtils.newStringUtf8(key.getEncoded()));
    }


    /**
     * 私钥签名
     *
     * @param data       数据
     * @param privateKey 私钥
     */
    public static byte[] signByPrivateKey(byte[] data, byte[] privateKey) throws Exception {
        PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(privateKey);
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        PrivateKey priKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
        signature.initSign(priKey);
        signature.update(data);
        return signature.sign();
    }

    /**
     * 公钥验证签名
     *
     * @param data      解密出来的数据
     * @param res       签名数据
     * @param publicKey 公钥
     */
    public static boolean verifySignByPublicKey(byte[] data, byte[] res, byte[] publicKey) throws Exception {
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(publicKey);
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        PublicKey pubKey = keyFactory.generatePublic(x509EncodedKeySpec);
        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
        signature.initVerify(pubKey);
        signature.update(data);
        return signature.verify(res);
    }
}
